Integer overflows in Qualcomm cryptographic engine driver on Android devices

Integer overflows in Qualcomm cryptographic engine driver on Android devices

CVE-2016-3935 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm internal bug CR 1046507.

Learn more about our Cis Benchmark Audit For Google Android.